diff options
author | Michael Koziarski <michael@koziarski.com> | 2008-11-23 15:29:11 +0100 |
---|---|---|
committer | Michael Koziarski <michael@koziarski.com> | 2008-11-23 15:33:59 +0100 |
commit | d460c9a25560f43e7c3789abadf7b455053eb686 (patch) | |
tree | 993601a1ca249b95874d433d207a04770e21b532 /activesupport/test | |
parent | c4a0143854e6fecae5e1820f4f054e33547e866f (diff) | |
download | rails-d460c9a25560f43e7c3789abadf7b455053eb686.tar.gz rails-d460c9a25560f43e7c3789abadf7b455053eb686.tar.bz2 rails-d460c9a25560f43e7c3789abadf7b455053eb686.zip |
Add ActiveSupport::MessageVerifier to aid users who need to store tamper-proof messages in cookies etc.
This is particularly useful for things like remember-me tokens in web applications and auto-unsubscribe links in emails.
Diffstat (limited to 'activesupport/test')
-rw-r--r-- | activesupport/test/message_verifier_test.rb | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/activesupport/test/message_verifier_test.rb b/activesupport/test/message_verifier_test.rb new file mode 100644 index 0000000000..c7ea4cb962 --- /dev/null +++ b/activesupport/test/message_verifier_test.rb @@ -0,0 +1,25 @@ +require 'abstract_unit' + +class MessageVerifierTest < Test::Unit::TestCase + def setup + @verifier = ActiveSupport::MessageVerifier.new("Hey, I'm a secret!") + @data = {:some=>"data", :now=>Time.now} + end + + def test_simple_round_tripping + message = @verifier.generate_message(@data) + assert_equal @data, @verifier.verify_message(message) + end + + def test_tampered_data_raises + data, hash = @verifier.generate_message(@data).split("--") + assert_not_verified("#{data.reverse}--#{hash}") + assert_not_verified("#{data}--#{hash.reverse}") + end + + def assert_not_verified(message) + assert_raises(ActiveSupport::MessageVerifier::InvalidSignature) do + @verifier.verify_message(message) + end + end +end |